Primary

Context

Funambol Cloud Server Padding Oracle Attack Vulnerability

Vulnerability

A Padding Oracle Attack vulnerability has been identified in Funambol Cloud Server version 30.0.0.20. This vulnerability allows an attacker to decrypt and encrypt parameters used by the application to create 'self-signed' access URLs, exploiting weak encryption practices.

Impact

Exploitation of this vulnerability allows for a Padding Oracle Attack, where an attacker can manipulate and decrypt encrypted data, potentially leading to unauthorized access or modification of information.

Remediation

Users can upgrade to Funambol version 31.0.0.0 to address this vulnerability.

Added: Jan 28, 2026, 11:22 AM

Updated: Jan 28, 2026, 11:22 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

6.6

remediation

0.0

relevance

2.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

6.6

remediation

0.0

relevance

2.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Funambol Cloud Server Padding Oracle Attack Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating